From 677ef4ddbe7e4727303d799a415543cb65426a76 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Fri, 24 Feb 2023 16:37:36 +0100 Subject: Allow connecting a new session to a one-time access code (Add support for browser-based login flow) --- .../imagemaster/session/SessionManager.java | 49 ++++++++++++++++++++++ 1 file changed, 49 insertions(+) (limited to 'src/main/java/org/openslx/imagemaster/session/SessionManager.java') diff --git a/src/main/java/org/openslx/imagemaster/session/SessionManager.java b/src/main/java/org/openslx/imagemaster/session/SessionManager.java index 57973ac..a7c7cb9 100644 --- a/src/main/java/org/openslx/imagemaster/session/SessionManager.java +++ b/src/main/java/org/openslx/imagemaster/session/SessionManager.java @@ -6,12 +6,15 @@ import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.UUID; +import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.TimeUnit; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.openslx.bwlp.thrift.iface.ClientSessionData; import org.openslx.bwlp.thrift.iface.Satellite; +import org.openslx.bwlp.thrift.iface.TAuthorizationException; +import org.openslx.bwlp.thrift.iface.TNotFoundException; import org.openslx.bwlp.thrift.iface.UserInfo; import org.openslx.imagemaster.db.mappers.DbSatellite; import org.openslx.imagemaster.util.Hash; @@ -29,6 +32,9 @@ public class SessionManager // Map of currently known sessions private static final Map sessions = new LinkedHashMap<>(); + // Map of pending "access code -> session" lookups + private static final Map accessCodes = new ConcurrentHashMap<>(); + public static ClientSessionData addSession( Session session ) { final String authToken = Hash.md5( UUID.randomUUID().toString() ); 
@@ -48,6 +54,20 @@ public class SessionManager return new ClientSessionData( sessionId, authToken, sats, ui ); } + public static ClientSessionData addSession( Session session, String accessToken ) + { + ClientSessionData s = addSession( session ); + if ( accessToken != null ) { + accessCodes.put( accessToken, new AccessCode( s, null ) ); + } + return s; + } + + public static void addAuthError( TAuthorizationException ex, String accessToken ) + { + accessCodes.put( accessToken, new AccessCode( null, ex ) ); + } + static { QuickTimer.scheduleAtFixedDelay( new Task() { @Override @@ -62,10 +82,20 @@ public class SessionManager } } } + Iterator it = accessCodes.values().iterator(); + while ( it.hasNext() ) { + final AccessCode s = it.next(); + if ( s.timedOut() ) { + it.remove(); + } + } } }, 123, TimeUnit.MINUTES.toMillis( 13 ) ); } + /** + * Get from userToken, known to satellite servers. + */ public static Session getSessionFromToken( String token ) { if ( token == null || token.length() != 32 ) { @@ -82,6 +112,9 @@ public class SessionManager return session; } + /** + * Get from sessionId, only known by client/user and us. + */ public static Session getSessionFromSessionId( String sessionId ) { if ( sessionId == null || sessionId.length() != 64 ) { @@ -125,4 +158,20 @@ public class SessionManager } } + /** + * Get the according session data (satToken, masterToken) for given access code, which was + * supplied by the client earlier. This can only be done once; retrieving the session will remove + * the entry from the lookup table. + */ + public static ClientSessionData getSessionFromAccessCode( String accessCode ) + throws TNotFoundException, TAuthorizationException + { + AccessCode data = accessCodes.remove( accessCode ); + if ( data == null ) + throw new TNotFoundException(); + if ( data.ex != null ) + throw data.ex; + return data.clientSession; + } + } -- cgit v1.2.3-55-g7522
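Review bot: `addAuthError` puts into `accessCodes` without the null check that the new `addSession` overload has, and `ConcurrentHashMap.put` throws NullPointerException on a null key; a guard such as `if ( accessToken == null ) return;` would keep a failed login without an access code from surfacing as an unrelated exception. Both methods also use `put`, so a second login presenting the same code silently replaces the pending entry; `putIfAbsent` would keep the first one. The Javadoc added further down says the code is supplied by the client, and nothing in this hunk checks its length or format the way `getSessionFromToken` and `getSessionFromSessionId` check theirs, so unless the caller validates it, a short or predictable code would be accepted as the key to the session tokens.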
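Review bot: The expiry loop added to the timer task could be written as one call, `accessCodes.values().removeIf( AccessCode::timedOut );`, which ConcurrentHashMap supports safely during concurrent updates; the surrounding code uses an anonymous Task class, so this assumes the project's Java level allows method references. The `Iterator` declaration appears here without a type argument, which may just be an artefact of how the patch was rendered. The sweep is also the only thing that bounds the map: entries are added for failed logins as well, and no size limit is visible in this diff, so a cap or a comment stating the expected upper bound would help. The enclosing run() body starts outside the hunk.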
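Review bot: `getSessionFromAccessCode` returns the entry without checking `timedOut()`, so an expired code stays redeemable until the cleanup task, which runs only every 13 minutes, removes it; `if ( data == null || data.timedOut() ) throw new TNotFoundException();` would enforce the timeout at the point of use. `accessCodes.remove( accessCode )` also throws NullPointerException for a null argument because the map is a ConcurrentHashMap, so a leading `if ( accessCode == null ) throw new TNotFoundException();` is worth adding. The AccessCode class is not part of this file's diff, so the meaning of `timedOut()` is assumed from its use in the cleanup loop.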